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(57) Abstract 

A user authentication service is disclosed which is both highly secure and user friendly. To access a particular service, a user simply 
enters a personal identification type number (PIN) using a portable terminal devices which encodes the PIN. More specifically, a character 
position of the user's PIN is determined, and a random code having a length selectable at each service transaction by the user is generated. 
The user's PIN is encrypted using one of plural available, pseudo-randomly encrypting algorithms to provide an encrypted PIN. The 
encrypted PIN is then combined with the code at the determined position before being transmitted over a communications network. When 
received, the encoded PIN is decoded using an analogous procedure to determine if the user is authorized. A plurality of security levels 
arc provided with each level having a plurality of encryption algorithms and with each increasing level providing encryption algorithms 
of increasing complexity and sophistication; A user may also change a current PIN from the portable device easily and securely without 
having to contact a service center. 
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DAVID 
CHAUM ON 
ELECTRONIC 
COMMERCE 

How Much Do 
You Trust Big 
Brother? 






mmbout 20 years ago David Chaum had a vision of the future of 
^^^mformation technology that changed his life. At die time Chaum 
^T^^^os studying for his doctorate in computer science at the 
University of California, Berkeley where he was working on cryptographic 
protocols for establishing trust between mutually untrusting parties. 
Chaum intuitively got " where the Internet was taking us, and began to 
think about models that would make electronic commerce feasible. What 
eventually resulted was a new method for making electronic transactions 
untraceable, Chaum s blind signature protocol. Applied to an online pay- 
ment transaction, this new protocol assured a bank or merchant that pay- 
ments were not forged, while also assuring users that information about 
them and their purchases could not be traced. 

Sound good? Well, theres a little matter that if would lead to a para- 
digm shift from the way electronic transactions are handled in our soci- 
ety where credit card use predominates. But still — aren't you worried that 
your privacy will become illusory as information goes increasingly online: 
that you may be forced to trade some rights and some independence for 
the efficiencies and miracles of the digital age? 

Chaum has spent his professional life in creative confrontation with 
this issue. After teaching at New York University and the University of 



1089- 7801/97/t 10.00 A997 IEEE 



IEEE INTERNET COMPUTING 



ELECTRO 




YMENTS 



In youi 



smartcards 



The worldwide boom in 
smartcard deployment is 
accelerating their evolution 
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I ake a look in your wallet and what do 
you find? In all likelihood, bills and 
coins. A variety of credit cards. A driver's 
license. A transit pass. A voter registration 
card. A library card. A video rental card. Insurance 
cards. Frequent flyer and car rental cards. A telephone 
charge card. 

By the end of the century, all of these documents might 
be replaced by just two or three smartcards. Because they 
can store and protect relatively large amounts of data, smart- 
cards are being used in a number of ways around the world, replacing a 
wallet's contents bit by bit. Stored-value cards were in place last year in 
Atlanta, Ga. ( at Olympic venues standing in for coins and bills. A health 
card identifying the holder's insurance provider and account number has 
been issued to every citizen of Germany, and plans are in place to add such 
medical information as the name of the holder's doctor, blood type, allergic 
reactions, medications, next of kin, and instructions in case of emergency. 
Smart social security cards in Spain interface with a kiosk system that can 
provide updated information on benefits and eligibility, as well as pertinent 
job opportunities. 

Today, most smartcards handle a single application, but will realize their 
true value when a single card can address multiple applications. For exam- 
ple, a credit card could have a stored-value function for small purchases, in 
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